Published: 05/10/2018 Updated: 15/04/2019

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote malicious user to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the malicious user to cause a reload of the affected device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios xe 16.8.1
cisco ios xe 15.5\\(3\\)s5.36

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security ...

CWE-20 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec http://www.securitytracker.com/id/1041737 http://www.securitytracker.com/id/1041735 http://www.securityfocus.com/bid/105418 https://ics-cert.us-cert.gov/advisories/ICSA-19-094-04 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec

CVE-2018-0472

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect